X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=modules%2Froles%2Ffiles%2Fstatic-mirroring%2Fstatic-master-ssh-wrap;h=06ab715f4d95460222b43da34d858f997878b34c;hb=f42cb0499ff05950c567b58393e81ffe77292b49;hp=2b2ddea7fdbb90825379844e7f7fe2e8ca9580d0;hpb=d6e20ea4c083d9978ad4c3e5eccaffa2e887698a;p=mirror%2Fdsa-puppet.git diff --git a/modules/roles/files/static-mirroring/static-master-ssh-wrap b/modules/roles/files/static-mirroring/static-master-ssh-wrap index 2b2ddea7f..06ab715f4 100755 --- a/modules/roles/files/static-mirroring/static-master-ssh-wrap +++ b/modules/roles/files/static-mirroring/static-master-ssh-wrap @@ -26,6 +26,7 @@ set -u MYLOGNAME="`basename "$0"`[$$]" BASEDIR="/home/staticsync/static-master" +COMPONENTLIST=/etc/static-components.conf usage() { echo "local Usage: $0 " @@ -69,32 +70,19 @@ lock() { fi } -serve_dir() { - local remote_host="$1"; shift - local path="$1"; shift - - local sender='rsync --server --sender -vlogDtprze.iLsf . ' - - if [ -e "$path" ]; then - info "serving $remote_host with $path" - $sender "$path/" - else - info "$remote_host wants non-existing $path" - echo >&2 "$path does not exist." - exit 1 - fi -} - do_rsync() { local remote_host="$1"; shift - if [ "$*" = "--server --sender -vlogDtprze.iLsf . -new-/" ] ; then - serve_dir "$remote_host" "$BASEDIR/current-push" - elif [ "$*" = "--server --sender -vlogDtprze.iLsf . -live-/" ] ; then - local p="$BASEDIR/current-live" - info "host $remote_host wants $p, acquiring lock" - lock 200 "$p" 0 - serve_dir "$remote_host" "$p" + local args="--server --sender -vltrze.iLsf --safe-links ." + if [ "$*" = "$args -new-/" ] ; then + local path="$BASEDIR/current-push" + info "serving $remote_host with $path" + rsync $args "$path/." + elif [ "$*" = "$args . -live-/" ] ; then + local path="$BASEDIR/current-live" + info "host $remote_host wants $path, acquiring lock" + lock 200 "$path" 0 + rsync $args "$path/." else info "NOT allowed for $remote_host: rsync $*" echo >&2 "This rsync command ($@) not allowed." @@ -109,15 +97,16 @@ do_update_component() { component="$1" shift - #if [ "$component" = "www.torproject.org" ] && [ "$remote_host" = "vescum.torproject.org" ]; then - # exec static-master-update-component "$component" - # echo >&2 "Exec failed" - # croak "exec failed" - #else + hit="$(awk -v component="$component" -v host="$remote_host" '$1 == component && $2 == host {print $3; exit}' "$COMPONENTLIST")" + if [ -n "$hit" ]; then + exec static-master-update-component "$component" + echo >&2 "Exec failed" + croak "exec failed" + else info "Not whitelisted: $remote_host update $component" echo >&2 "Not whitelisted: $remote_host update $component" exit 1 - #fi + fi }